CVE-2020-19148

creationtimestamp| type| source ---|---|--- 2021-09-15 18:22:22+00:00| seen| https://t.me/cibsecurity/28901...

CVE-2020-19148

Cross Site Scripting XSS in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code via the 'Nickname' parameter in the component '/jfinalcms/front/person/profile.html'...

CVE-2020-19148

Cross Site Scripting XSS in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code via the 'Nickname' parameter in the component '/jfinalcms/front/person/profile.html'...

CVE-2020-19148

CVE-2020-19148 affects Jfinal CMS up to version 4.7.1. A Cross Site Scripting (XSS) flaw allows remote attackers to execute arbitrary code via the Nickname parameter in the /jfinal_cms/front/person/profile.html component. Exploitation details are not provided in the supplied documents, and no rem...

CVE-2019-19148

Tellabs Optical Line Terminal OLT 1150 devices allow Remote Command Execution via the -l option to TELNET or SSH. Tellabs has addressed this issue in the SR30.1 and SR31.1 release on February 18, 2020...

CVE-2019-19148

CVE-2019-19148 affects Tellabs Optical Line Terminal (OLT) 1150 devices, where Remote Command Execution is possible via the -l option on TELNET or SSH. The root cause is an exploitable command path enabled by -l that allows execution of commands with the attacker-supplied input. Tellabs addressed...

CVE-2019-19148

Tellabs Optical Line Terminal OLT 1150 devices allow Remote Command Execution via the -l option to TELNET or SSH. Tellabs has addressed this issue in the SR30.1 and SR31.1 release on February 18, 2020...

CVE-2018-19148

CVE-2018-19148 affects Caddy up to 0.11.0. When a request’s Host header cannot be matched to any vhost, Caddy serves the X.509 certificate for a randomly selected vhost in its configuration. Repeated requests with nonexistent hostnames enable enumeration of all certificates and relationships amon...